Posted on April 16, 2009 by Helen Oscislawski

FTC Issues Proposed Rules for Security Breach Notification under HITECH

The Federal Trade Commission (FTC) posted its proposed rule today implementing new breach notification requirements for health records, which were required to be promulgated by the Health Information Technology for Economic and Clinical Health ("HITECH") Act.  The FTC rule will apply to vendors of personal health records and related entities not covered directly by HIPAA.  

The Department of Health and Human Services is required to issue by August 17, 2009 proposed rules pertaining to similar breach notification provisions applicable to entities covered by HIPAA, namely Covered Entities (health care providers; health plans; clearinghouses) and now, as a result of the HITECH Act, Business Associates.  

To review the text of the FTC's proposed rule, click herePublic comments are due on June 1, 2009.

Tags: ,
Trackbacks (0) Links to blogs that reference this article Trackback URL
http://hipaahealthlaw.foxrothschild.com/admin/trackback/125724
Comments (0) Read through and enter the discussion with the form at the end
Post A Comment / Question Use this form to add a comment to this entry.







Remember personal info?
Send To A Friend Use this form to send this entry to a friend via email.